CN108495309A - Method, electronic equipment and the storage medium of information processing - Google Patents
Method, electronic equipment and the storage medium of information processing Download PDFInfo
- Publication number
- CN108495309A CN108495309A CN201810117435.2A CN201810117435A CN108495309A CN 108495309 A CN108495309 A CN 108495309A CN 201810117435 A CN201810117435 A CN 201810117435A CN 108495309 A CN108495309 A CN 108495309A
- Authority
- CN
- China
- Prior art keywords
- client
- key information
- information
- key
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
Abstract
The invention discloses a kind of method of information processing, the method includes:Obtain the first key information for calculating dynamic key;The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;The information interacted is encrypted or decrypted using the dynamic key.The invention also discloses a kind of electronic equipment and storage medium.
Description
Technical field
The present invention relates to the information processing technology in field of mobile terminals, more particularly to a kind of method of information processing, electricity
Sub- equipment and storage medium.
Background technology
Cybertimes people carry out various activities in a network at present, and various information are in network in network transmission process
In it is disclosed and be easy to be acquired, it is all acceptable that some public informations are got by anyone, but right
In the information that some carry secret property, we then need to be protected accordingly, and encryption technology is then to solve the problems, such as this at this time
Effective means.
Currently cipher mode common in network transmission process includes:With logical for the hypertext transfer protocol of target safely
Road (Hyper Text Transfer Protocol over Secure Socket Layer, HTTPS) encryption technology and client
Hold encryption technology.However, these cipher modes cannot be guaranteed the safe transmission of information.
Invention content
To solve existing technical problem, the embodiment of the present invention mainly provides a kind of method of information processing, equipment
And storage medium, it can solve the problems, such as that information is unable to safe transmission.
What the technical solution of the embodiment of the present invention was realized in:
An embodiment of the present invention provides a kind of method of information processing, the method includes:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described
Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
In above-mentioned technical proposal, the method further includes:
Receive the fixed key information that the client-side management land period is sent.
It is described according to described in the generation of the fixed key information of the first key information and client in above-mentioned technical proposal
Dynamic key, including:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
It is described to carry out the first key information and the fixed key information to obscure operation in above-mentioned technical proposal,
Character string after being obscured, including:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring
String.
In above-mentioned technical proposal,
The client is to be formed according to the type of service of application, wherein different types of service corresponds to different visitors
Family end.
In above-mentioned technical proposal,
If the method is applied to be equipped in the terminal of the client, the obtained for calculating dynamic key
One key information, including:
The first key information for calculating dynamic key is received from server.
In above-mentioned technical proposal,
If the method is applied in the server for providing service to the client, the acquisition is close for calculating dynamic
The first key information of key, including:
It is local to read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of method of information processing, the method includes:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein,
The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close
Key, the information encryption for being interacted to the server and the client or decryption.
In above-mentioned technical proposal, the method further includes:
Periodically it is that the client distributes fixed key information.
In above-mentioned technical proposal, the method further includes:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client
Determine key information;
The new fixed key information is sent to abnormal client and server.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the electronic equipment is terminal or server, the electronics
Equipment includes:
Acquisition module, for obtaining the first key information for calculating dynamic key;
Generation module, it is close for generating the dynamic according to the fixed key information of the first key information and client
Key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Encryption Decryption module, for the information interacted to be encrypted or decrypted using the dynamic key.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the equipment includes:
Client generation module generates corresponding with the type of service of the application for the type of service according to application
Client;
Distribution module, for distributing fixed key information for the client, wherein the fixed key letter of each client
Breath is different;
Sending module, for the fixed key information of the client to be sent to server and is equipped with the client
Terminal;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein,
The dynamic key, the information encryption for being interacted to the server and the client or decryption.
The embodiment of the present invention additionally provides a kind of electronic equipment, including:Processor and for store can be on a processor
The memory of the computer program of operation,
The step of processor is for when running the computer program, executing the above method.
The embodiment of the present invention additionally provides a kind of computer readable storage medium, is stored thereon with computer program, the meter
The step of above method is realized when calculation machine program is executed by processor.
The method for the information processing that the embodiment of the present invention is provided can be distributed by client-side management platform for client
Different fixed key information, and then can ensure that the content operation of the same type of service of application corresponds to a client.
When information is encrypted or decrypted, the first key information for calculating dynamic key can be obtained, using first key information and admittedly
Determine key information and generates dynamic key.When client and server transmit information, it is interaction that can use the dynamic key
Information encryption or decryption.
On the one hand, due to different clients have different dynamic key, thereby may be ensured that server with client
When communication, different clients correspond to different dynamic key, even if the dynamic key of a client is cracked, other service class
The key of the corresponding client of type or safety, and then can ensure the safe transmission of information to the maximum extent.
On the other hand, since dynamic key is generated based on fixed key information and first key information, even if fixed
One of key information or first key information are cracked, and final dynamic key will not be cracked.And first key is believed
Breath can be by server dynamic generation, even if dynamic key is cracked during current sessions, and the dynamic key of next session can be with
It changes, to ensure the safety of information in next session.
Description of the drawings
Fig. 1 is the basic procedure schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 2 is the basic procedure schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 3 is the idiographic flow schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 4 is the flow diagram of client generation method provided in an embodiment of the present invention;
Fig. 5 is the structural schematic diagram of a terminal provided in an embodiment of the present invention;
Fig. 6 is the structural schematic diagram of a server provided in an embodiment of the present invention;
Fig. 7 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention;
Fig. 8 is the structural schematic diagram of an information processing system provided in an embodiment of the present invention;
Fig. 9 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention;
Figure 10 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention.
Specific implementation mode
A kind of information processing method of offer of the embodiment of the present invention is by using fixed key and dynamic key to client
It is encrypted or decrypts with the information of server transport, be ciphertext to make the information in network transmission all, it is ensured that information
It can not Direct Recognition being acquired in network transmission process.If the letter only transmitted between browser and network service
Encryption for information is can not to ensure the safety of information before being transmitted, once information before being transmitted once be acquired and distort, that
Information is just no longer safe.If the information of transmission be encrypted in data processing stage, obtained in any transmission stage
The data got are ciphertext data.But since the encrypted secret key of client is fixed, the meeting once encryption data is cracked
Cause encrypted secret key to be revealed, then can also have safety problem using other encrypted data of the client, in turn results in big
Measure information leakage.In the embodiment of the present invention, client-side management platform can be according to the type of service of application, for the same of the application
A client is arranged in the content operation that one business carries out, and then different clients can apply different type of service phases from this
It is corresponding.Client-side management platform can be that each client distributes corresponding fixed key information, and then can ensure each visitor
The fixed key information at family end is different.After client terminal start-up, first key information can be obtained from server, recycle first
Key information and the fixed key information of itself generate dynamic key.Meanwhile server can be obtained from client-side management platform
The fixed key information of the client is generated using the first key information of the client and the fixed key information of the client
Dynamic key.When the client and server transmit information, which is the letter transmitted using dynamic key with server
Encryption for information and decryption.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, for example, some
The operation contents such as the game charater of application or equipment store, can be divided into the different service types of the application.
The basic procedure of the information processing method provided in the embodiment of the present invention is as shown in Figure 1, may comprise steps of:
Step 101, the first key information for calculating dynamic key is obtained;
Step 102, the dynamic key is generated according to the fixed key information of the first key information and client;Its
In, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Step 103, the information interacted is encrypted or decrypted using the dynamic key.
Described information processing method can be applied in the terminal for being equipped with the client, or apply to the visitor
Family end is provided in the server of service.
Client in the embodiment of the present invention is client corresponding with the type of service of application, different service types
Operation content corresponds to different clients.For example, when a certain application increases equipment this type of service of store, client-side management is flat
Platform can be that corresponding webpage client is arranged in equipment store.This way it is possible to avoid all operable contents are all corresponding in
One client, so as to increase the privacy of operable content.
When the method is applied to be equipped in the terminal of the client, before the step 101, the method
Further include:When the client terminal start-up, session request is sent to server.It, should after being specifically loaded such as a certain client
User end to server sends session request, to establish the session connection with server.
In a step 101, when the method is applied to be equipped in the terminal of the client, the acquisition is based on
The first key information of dynamic key is calculated, including:The first key information for calculating dynamic key is received from server.
Wherein, the first key information can be the key information that server distributes to each client.
It is described to obtain for calculating dynamic when the method is applied to provide in the server of service to the client
The first key information of key, including:It is local to read the first key information for calculating dynamic key.Here, described
First key information can be the key information that server local generates.
Specifically such as, when a certain client is loaded, which sends session request.Server receives institute
After stating session request, the first key information of the client is distributed in locally reading, and first key information is sent to
The client.Here key information can be key (KEY) value, and server can be in local random generation KEY values.It is incited somebody to action in server
After first key information distributes to corresponding client, the corresponding pass between the first key information of distribution and client is recorded
System.
In a step 102, described that described move is generated according to the fixed key information of the first key information and client
State key can be the client or server by utilizing preset rules to the first key information and fixed key information into
Row processing, generates the dynamic key information.The preset rules can be the data processing methods such as preset algorithm.
The fixed key information according to the first key information and client, generating the dynamic key can wrap
It includes:It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;To described
Character string carries out Hash processing, generates the dynamic key.For example, bit manipulation can be utilized the first key information and institute
It states fixed key information to be obscured, the bit manipulation can be step-by-step and operation, step-by-step or operation or xor operation etc..Institute
It states and Hash processing is carried out to the character string, can be to carry out that the processing of salt Hash, described plus salt Hash is added to calculate to the character string
Method can be HMAC-SHA1.
When the bit manipulation be step-by-step with operation when, it is described by the first key information and the fixed key information into
Row obscures operation, and the character string after being obscured may include:The first key information and the fixed key information are carried out
Step-by-step and operation, generate the character string after obscuring.
It should be noted that be only a citing to generating dynamic key mode here, it can basis in practical operation
The demand of specific encryption scene selects suitable dynamic key production mode.
The fixed key information can be the key information that client-side management platform is distributed when generating the client.
The fixed key information of different clients is different.Client-side management platform can carry out client according to the type of service of application
Management, for example, increasing client, reducing client or distributing fixed key information for client.Client is receiving client
After the fixed key information of end pipe platform distribution, fixed key information is stored.
Optionally, the client receives the fixed key information that the client-side management land period is sent.It is described
The period of update fixed key information can be arranged in client-side management platform, and fixed key information is redistributed with again for client
Reinforce the client;Again similarity can be less than certain threshold value between the information that the client reinforced is transmitted, such as
Similarity is less than 30%.And then can ensure that the dynamic key that different clients use is different, it improves in information interactive process
Safety.
Correspondingly, server can obtain institute in the session request for receiving client from the client-side management platform
State the fixed key information of client.And then the fixed key information of the client and first key information can be utilized to generate
The dynamic key.
In step 103, the letter that dynamic key encryption or decryption interact described in the client or server by utilizing
Breath.When the client and the server carry out information exchange, it is interactive that can use the dynamic key information generated
Information is encrypted or decryption.In this way, when carrying out information exchange, each client can use the dynamic different from other clients
Key is the information encryption or decryption interacted with server, even if the dynamic key of a certain client is cracked, will not be influenced
The information security of other clients;And the fixed key information for generating dynamic key can periodically update, and then do not interfere with this
The safety of client session next time, so as to improve the safety of information transmission.
The embodiment of the present invention additionally provides a kind of information processing method, basic procedure such as Fig. 2 of described information processing method
It is shown, include the following steps:
Step 201, according to the type of service of application, client corresponding with the type of service of the application is generated;
Step 202, it is that the client distributes fixed key information, wherein the fixed key information of each client is not
Together;
Step 203, the fixed key information of the client is sent to server and the end of the client is installed
End;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, described
Dynamic key, the information encryption for being interacted to the server and the client or decryption.
The information processing method that the embodiment of the present invention is provided can be applied in client-side management platform, the step
201 can be, client-side management platform generates client corresponding with the type of service of the application according to the type of service of application
End.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, as some is answered
The operation contents such as game charater or equipment store, can be divided into the different service types of the application.For example, client's end pipe
Platform such as equips this business of store when detecting that a certain application increases new business, and client-side management platform can be dress
Corresponding webpage client is arranged in standby store.This way it is possible to avoid all operable contents all correspond to a client in,
So as to increase the privacy of operable content.
In step 202, the client-side management platform is that the client distributes fixed key information.Here, described
Client-side management platform can be randomly assigned fixed key information, and the fixed key information of each client is different.It is solid in distribution
When determining key information, client-side management platform can also record the correspondence between fixed key information and each client,
In this way, when server obtains the fixed key information for obtaining a certain client to client-side management platform, client-side management is flat
Fixed key information corresponding with the client can be sent to by platform according to the correspondence of fixed key information and client
Server.
Optionally, the client-side management platform can periodically be that the client distributes fixed key information.It is described
The period of update fixed key information can be arranged in client-side management platform, and fixed key information is redistributed with again for client
Reinforce the client;Again similarity can be less than certain threshold value between the information that the client reinforced is transmitted, such as
Similarity is less than 30%.And then can ensure that the dynamic key that different clients use is different, it improves in information interactive process
Safety.
Correspondingly, the client-side management platform can believe newer fixed key after updating fixed key information
Breath is sent to server, so that server can utilize updated fixed key information to generate dynamic key, and then makes service
Device is the information encryption or decryption interacted with client using correct dynamic key.
Optionally, the client-side management platform can also receive the risk report of risk control system transmission;When described
When risk report shows the client there are abnormal behaviour, the client to have abnormal distributes new fixed key information;It will
The new fixed key information is sent to abnormal client and server.The client-side management platform can also be in risk
When report shows the client there are abnormal behaviour, the client there are abnormal behaviour is updated.
In order to better ensure that safety of the information in transmission process, risk control system can be established to the client
Behavior be monitored.When risk control system detects that certain client, can be to client's end pipe there are when abnormal behaviour
Platform sends risk report.The abnormal behaviour may include:In the case of without permission, find there is the number distorted
According to;Alternatively, a certain operation of client is excessively frequent;Alternatively, the function of client can not be used.When client's end pipe
Platform receives when showing the client there are abnormal behaviour, and client-side management platform can be the presence of abnormal client weight
New distribution fixed key information ensures the safety of information so as to there is abnormal client and server update dynamic key.
In step 203, the fixed key information of the client can be sent to server by client-side management platform
With the terminal for being equipped with the client.The first key information life that the fixed key information can be used for providing with server
At dynamic key;The information encryption or solution that the dynamic key can be used for interacting the server and the client
It is close.
Fig. 3 is the idiographic flow schematic diagram of information processing method provided in an embodiment of the present invention.Described information processing method
It may comprise steps of:
Step 310, client-side management platform generates multiple client according to the type of service of application, and is each client
Distribute fixed key information.
The process of client generation method can be as shown in Figure 4, it may include following steps:
When step 311, using new operable content is increased, it can be added in client-side management platform in newly-increased operation
Hold;
Step 312, client-side management platform generates a fixed key information at random;
Step 313, client-side management combines newly-increased operation content using the fixed key information generated, generates one only
It can be used for increasing newly the client of operation content.
For example, when increasing one or more articles for sale when application increases a certain function or in store, it can be according to newly-increased
Operable content adds corresponding webpage client for the operable content.In this way, just can avoid all operable contents all
Using same client, and then promote the privacy of operation content.
Step 314, by the client synchronization of generation to applying, with for users to use.
To improve information security, client-side management platform can periodically be that client sends fixed key information.
Step 320, after client is loaded, the user end to server sends session request, is obtained from server
First key information.
Here, the first key information can be the key information that server generates at random according to session request, such as
KEY values.
Step 330, client generates dynamic key according to the fixed key information of the first key information and itself.
Client carries out obscuring operation to the fixation key information of itself with the KEY values obtained from server, then to mixed
Character string after confusing carries out plus salt hashing operation, using obtained cryptographic Hash as dynamic secret key.
Step 340, server obtains the fixed key of client from client-side management platform, is believed using the first key
Breath and fixed key information generate dynamic key.
Here, server generate the dynamic key mode can with client generate the mode of dynamic key it is identical,
Which is not described herein again.
Step 350, client and server carries out information exchange using the dynamic key.
For client and server when being transmitted into row information, it is that the information transmitted is encrypted that can use the dynamic key generated
Or decryption.
In embodiments of the present invention, different clients can correspond to the different service types of application, and different clients have
There is different fixation key informations.Higher safety is had based on the dynamic key that fixed key information generates in this way, is not allowed
It is easily cracked, even if the dynamic secret key of a certain client is cracked, the communication security of other clients will not be influenced.
It, can also be in time in the embodiment of the present invention when reaching preset period of time or when finding to have abnormal client
Client and fixed key information are updated, since each user loads client when using client, user can make in time
With the client of safety.Even if the dynamic secret key of client is cracked, the communication of same client other users will not be influenced
Safety and the communication security of user session next time.
The embodiment of the present invention additionally provides a kind of terminal, and the terminal composed structure is as shown in figure 5, include:
Acquisition module 501, for obtaining the first key information for calculating dynamic key;
Generation module 502, it is described dynamic for being generated according to the fixed key information of the first key information and client
State key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is not
Together;
Encryption Decryption module 503, for the information interacted to be encrypted or decrypted using the dynamic key.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different
Client.
The client-side management platform can be according to the type of service of application, in the same business progress of the application
Hold one client of operation setting, and then different clients can be corresponding using different types of service from this.Client's end pipe
Platform can be that each client distributes corresponding fixed key information, and then can ensure the fixed key of each client
Information is different.The acquisition module 501 receives the first key information for calculating dynamic key from server;And then it is raw
First key information and the fixed key information of itself can be utilized to generate dynamic key at module 502.When the client and clothes
When device transmission information of being engaged in, the Encryption Decryption module 503 is the information encryption or decryption transmitted using dynamic key.
The Encryption Decryption module 503 is specifically used for carrying out the first key information and the fixed key information
Obscure operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.It is described right
The character string carries out Hash processing, can be to carry out adding the processing of salt Hash to the character string, described plus salt hash algorithm can
Think HMAC-SHA1.
The Encryption Decryption module 503 is specifically used for carrying out the first key information and the fixed key information
Step-by-step and operation, generate the character string after obscuring.Here step-by-step can also replace with step-by-step or operation or exclusive or with operation
The operations such as operation.
Further, the acquisition module 501 is additionally operable to receive the fixation that the client-side management land period is sent
Key information.In this way, generation module 502 can periodically generate dynamic key, 503 timing of Encryption Decryption module is set to use different
Dynamic key be information encrypt or decrypt.In this way, even if the dynamic key of a certain client is cracked, other will not be influenced
The information security of client, to improve the safety of information.
The embodiment of the present invention additionally provides a kind of server, and the composed structure of the server is as shown in fig. 6, include:
Acquisition module 601, for obtaining the first key information for calculating dynamic key;
Generation module 602, it is described dynamic for being generated according to the fixed key information of the first key information and client
State key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is not
Together;
Encryption Decryption module 603, for the information interacted to be encrypted or decrypted using the dynamic key.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different
Client.
The client-side management platform can be according to the type of service of application, in the same business progress of the application
Hold one client of operation setting, and then different clients can be corresponding using different types of service from this.Client's end pipe
Platform can be that each client distributes corresponding fixed key information, and then can ensure the fixed key of each client
Information is different.The acquisition module 601 reads the first key information for calculating dynamic key from local;And then it generates
Module 602 can utilize first key information and the fixed key information of itself to generate dynamic key.When the client and service
When device transmits information, the Encryption Decryption module 603 is the information encryption or decryption transmitted using dynamic key.
The Encryption Decryption module 603 is specifically used for carrying out the first key information and the fixed key information
Obscure operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.It is described right
The character string carries out Hash processing, can be to carry out adding the processing of salt Hash to the character string, described plus salt hash algorithm can
Think HMAC-SHA1.
The Encryption Decryption module 603 is specifically used for carrying out the first key information and the fixed key information
Step-by-step and operation, generate the character string after obscuring.Here step-by-step can also replace with step-by-step or operation or exclusive or with operation
The operations such as operation.
Further, the acquisition module 601 is additionally operable to receive the fixation that the client-side management land period is sent
Key information.In this way, generation module 602 can periodically generate dynamic key, 603 timing of Encryption Decryption module is set to use different
Dynamic key be information encrypt or decrypt.In this way, even if the dynamic key of a certain client is cracked, other will not be influenced
The information security of client, to improve the safety of information.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in fig. 7, packet
It includes:
Client generation module 701 generates corresponding with the type of service of the application for the type of service according to application
Client;
Distribution module 702, for distributing fixed key information for the client, wherein the fixation of each client is close
Key information is different;
Sending module 703, for the fixed key information of the client to be sent to server and is equipped with the visitor
The terminal at family end;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;
Wherein, the dynamic key, the information encryption for being interacted to the server and the client or decryption.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, as some is answered
The operation contents such as game charater or equipment store, can be divided into the different service types of the application.This way it is possible to avoid
All operable contents all correspond to a client in, so as to increase the privacy of operable content.
The distribution module 702 is additionally operable to periodically be that the client distributes fixed key information.In this way, even if certain
The dynamic key of one client is cracked, and will not influence the information security of other clients, to improve the safety of information.
The encryption device further includes:Receiving module 704, the risk report for receiving risk control system transmission;Institute
Distribution module 702 is stated, is additionally operable to when the risk report shows the client there are abnormal behaviour, for the client for having abnormal
New fixed key information is distributed at end;The sending module 703 is additionally operable to the new fixed key information being sent to exception
Client and server.
Optionally, the encryption device further includes:Client update module 705 shows to deposit for working as the risk report
In the client of abnormal behaviour, the client that there is exception is updated.It is deposited in this way, receiving display in receiving module 704
In the client of abnormal behaviour, client update module 705 can also timely update client.Since each user is using
Client is loaded when client, user can timely use safe client.Even if the dynamic secret key of client is cracked
The communication security of same client other users and the communication security of user session next time are not interfered with.
The embodiment of the present invention additionally provides a kind of information processing system, and the composed structure of the system is as shown in figure 8, packet
It includes:Terminal 801, server 802, client-side management platform 803.
The terminal 801, is equipped with client, for receiving for calculating dynamic key from the server 802
One key information generates the dynamic key according to the fixed key information of the first key information and client, utilizes institute
State the information that dynamic key encryption or decryption interact.
The server 802, for sending the first key information for calculating dynamic key, root to the terminal 801
The dynamic key is generated according to the fixed key information of the first key information and client, is encrypted using the dynamic key
Or the information that decryption interacts.
The client-side management platform 803 generates the type of service with the application for the type of service according to application
Corresponding client;Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed.
Further, the terminal 801 or server 802 are additionally operable to receive the client-side management land period hair
The fixed key information sent.
The terminal 801 or server 802, be specifically used for by the first key information and the fixed key information into
Row obscures operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.
The terminal 801 or server 802, be specifically used for by the first key information and the fixed key information into
Row step-by-step and operation, generate the character string after obscuring.
The client-side management platform 803, it is the client to be additionally operable to periodically send to the terminal and server
Distribute fixed key information.
Optionally, the system also includes:Risk control system 804, the behavior for monitoring the client, works as detection
The client sends risk report there are when abnormal behaviour to the client-side management platform 803.
The client-side management platform 803 is additionally operable to receive the risk report that the risk control system is sent;When described
When risk report shows the client there are abnormal behaviour, the client to have abnormal distributes new fixed key information;It will
The new fixed key information is sent to abnormal client and server.
Specifically, client-side management platform 803 generates multiple client according to the type of service of application, and is each client
End distribution fixed key information, and the fixed key information is sent to the terminal and server for being equipped with the client.
After client is loaded, the terminal 801 for installing the client sends session request to server 802, is obtained from server 802
Take first key information.Here, the first key information can be that server is believed according to the key that session request generates at random
Breath, such as KEY values.
Terminal 801 to the fixation key information of client with obtain the first key information that 801 take from server and obscure
Then operation carries out the character string after obscuring adding salt hashing operation, using obtained cryptographic Hash as dynamic secret key.Correspondingly,
Server 802 can utilize the fixed key information of the first key information and client, generate dynamic key.Client kimonos
Device be engaged in when being transmitted into row information, it is the information encryption or decryption transmitted that can use the dynamic key generated.
In embodiments of the present invention, different clients can correspond to the different service types of application, and different clients have
There is different fixation key informations.Higher safety is had based on the dynamic key that fixed key information generates in this way, is not allowed
It is easily cracked, even if the dynamic secret key of a certain client is cracked, the communication security of other clients will not be influenced.
In order to better ensure that safety of the information in transmission process, row of the risk control system 804 to the client
To be monitored.When risk control system 804 detects that certain client, can be to the client-side management there are when abnormal behaviour
Platform 803 sends risk report.Client-side management platform 803 receives when showing the client there are abnormal behaviour, Ke Yiwei
Fixed key information is redistributed in the presence of abnormal client, so as to there is abnormal client and server update dynamic key,
Ensure the safety of information.Since each user loads client when using client, user can timely use safe visitor
Family end.Even if the dynamic secret key of client is cracked, the communication security of same client other users will not be influenced and be somebody's turn to do
The communication security of user's session next time.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in figure 9, packet
It includes:Processor 901 and memory 902 for storing the computer program that can be run on a processor,
The step of processor 901 is for when running the computer program, executing following methods:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described
Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
The processor 901 is also executed when running the computer program:
Receive the fixed key information that the client-side management land period is sent.
The processor 901 is also executed when running the computer program:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
The processor 901 is also executed when running the computer program:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring
String.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different
Client.
When the processor 901, which is located at, to be equipped in the terminal of the client, the processor 901 is described in operation
When computer program, also execute:
The first key information for calculating dynamic key is received from server.
When the processor 901, which is located at, to be provided in the server of service to the client, the processor 901 is being transported
When the row computer program, also execute:
It is local to read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of storage medium, is stored thereon with computer program, by by based on described
Calculation machine program at least can perform the step of following methods:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described
Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
When the computer program is run by processor, also execute:
Receive the fixed key information that the client-side management land period is sent.
When the computer program is run by processor, also execute:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
When the computer program is run by processor, also execute:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring
String.
When the computer program is run by processor, also execute:
The first key information for calculating dynamic key is received from server.
When the computer program is run by processor, also execute:
Read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in Figure 10, packet
It includes:Processor 1001 and memory 1002 for storing the computer program that can be run on a processor,
The step of processor 1001 is for when running the computer program, executing following methods:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein,
The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close
Key, the information encryption for being interacted to the server and the client or decryption.
The processor 1001 is also executed when running the computer program:
Periodically it is that the client distributes fixed key information.
The processor 1001 is also executed when running the computer program:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client
Determine key information;
The new fixed key information is sent to abnormal client and server.
The embodiment of the present invention additionally provides a kind of storage medium, is stored thereon with computer program, by by based on described
Calculation machine program at least can perform the step of following methods:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein,
The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close
Key, the information encryption for being interacted to the server and the client or decryption.
When the computer program is run by processor, also execute:
Periodically it is that the client distributes fixed key information.
When the computer program is run by processor, also execute:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client
Determine key information;
The new fixed key information is sent to abnormal client and server.
It is understood that the processor in the embodiment of the present invention may be a kind of IC chip, with signal
Processing capacity.During realization, each step of the above method can by the integrated logic circuit of the hardware in processor or
The instruction of person's software form is completed.Above-mentioned processor can be general processor, digital signal processor (DSP, Digital
Signal Processor) either other programmable logic device, discrete gate or transistor logic, discrete hardware group
Part etc..Processor may be implemented or execute disclosed each method, step and logic diagram in the embodiment of the present invention.General place
It can be microprocessor or any conventional processor etc. to manage device.The step of method in conjunction with disclosed in the embodiment of the present invention,
Hardware decoding processor can be embodied directly in and execute completion, or in decoding processor hardware and software module combination hold
Row is completed.Software module can be located in storage medium, which is located at memory, and processor reads the letter in memory
Breath, in conjunction with the step of its hardware completion preceding method.
Memory in the embodiment of the present invention can be volatile memory or nonvolatile memory, may also comprise volatile
Both property and nonvolatile memory.Wherein, nonvolatile memory can be read-only memory (Read Only Memory,
ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable programmable is read-only deposits
Reservoir (Erasable Programmable Read-Only Memory, EPROM), electrically erasable programmable read-only memory
(Electrically Erasable Programmable Read-Only Memory, EEPROM), magnetic random access store
Device (ferromagnetic random access memory, FRAM), flash memory (Flash Memory), magnetic surface are deposited
Reservoir, CD or CD-ROM (Compact Disc Read-Only, Memory CD-ROM);Magnetic surface storage can be
Magnetic disk storage or magnetic tape storage.Volatile memory can be random access memory (Random Access Memory,
RAM), it is used as External Cache.By exemplary but be not restricted explanation, the RAM of many forms is available, such as static
Random access memory (Static Random Access Memory, SRAM), synchronous static RAM
(Synchronous Static Random Access Memory, SSRAM), dynamic random access memory (Dynamic
Random Access Memory, DRAM), Synchronous Dynamic Random Access Memory (Synchronous Dynamic Random
Access Memory, SDRAM), double data speed synchronous dynamic RAM (Double Data Rate
Synchronous Dynamic Random Access Memory, DDRSDRAM), enhanced synchronous dynamic random-access storage
Device (Enhanced Synchronous Dynamic Random Access Memory, ESDRAM), synchronized links dynamic random
Access memory (SyncLink Dynamic Random Access Memory, SLDRAM), direct rambus arbitrary access
Memory (Direct Rambus Random Access Memory, DRRAM).The memory of description of the embodiment of the present invention is intended to
The including but not limited to memory of these and any other suitable type.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the scope of the present invention.
Claims (14)
1. a kind of information processing method, which is characterized in that the method includes:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, the fixation
Key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
Receive the fixed key information that the client-side management land period is sent.
3. according to the method described in claim 1, it is characterized in that, the consolidating according to the first key information and client
Determine key information and generates the dynamic key, including:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
4. according to the method described in claim 3, it is characterized in that, described by the first key information and the fixed key
Information carries out obscuring operation, the character string after being obscured, including:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character string after obscuring.
5. method according to any one of claims 1 to 4, which is characterized in that
The client is to be formed according to the type of service of application, wherein different types of service corresponds to different clients.
6. method according to any one of claims 1 to 4, which is characterized in that
If the method is applied to be equipped in the terminal of the client, the acquisition is close for calculating the first of dynamic key
Key information, including:
The first key information for calculating dynamic key is received from server.
7. method according to any one of claims 1 to 4, which is characterized in that
If the method is applied in the server for providing service to the client, the acquisition is for calculating dynamic key
First key information, including:
It is local to read the first key information for calculating dynamic key.
8. a kind of information processing method, which is characterized in that the method includes:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein, described
The first key information that fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic key is used
In the information encryption or decryption that are interacted to the server and the client.
9. according to the method described in claim 8, it is characterized in that, the method further includes:
Periodically it is that the client distributes fixed key information.
10. according to the method described in claim 8, it is characterized in that, the method further includes:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, it is close that the client to there is exception distributes new fixation
Key information;
The new fixed key information is sent to abnormal client and server.
11. a kind of electronic equipment, the electronic equipment is terminal or server, which is characterized in that the electronic equipment includes:
Acquisition module, for obtaining the first key information for calculating dynamic key;
Generation module, for generating the dynamic key according to the fixed key information of the first key information and client;
Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Encryption Decryption module, for the information interacted to be encrypted or decrypted using the dynamic key.
12. a kind of electronic equipment, which is characterized in that the equipment includes:
Client generation module generates client corresponding with the type of service of the application for the type of service according to application
End;
Distribution module, for distributing fixed key information for the client, wherein the fixed key information of each client is not
Together;
Sending module, for the fixed key information of the client to be sent to server and is equipped with the end of the client
End;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, described
Dynamic key, the information encryption for being interacted to the server and the client or decryption.
13. a kind of electronic equipment, which is characterized in that including:Processor and memory;Wherein,
The memory, the memory for storing the computer program that can be run on a processor,
The processor is connect with the memory, and when for running the computer program, perform claim requires 1-7 or power
Profit requires the step of any one of 8 to 10 the method.
14. a kind of computer readable storage medium, is stored thereon with computer program, when which is executed by processor
The step of realizing any one of claim 1-7 or claim 8 to 10 the method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810117435.2A CN108495309B (en) | 2018-02-06 | 2018-02-06 | Information processing method, electronic device, and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810117435.2A CN108495309B (en) | 2018-02-06 | 2018-02-06 | Information processing method, electronic device, and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108495309A true CN108495309A (en) | 2018-09-04 |
CN108495309B CN108495309B (en) | 2022-03-25 |
Family
ID=63344422
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810117435.2A Active CN108495309B (en) | 2018-02-06 | 2018-02-06 | Information processing method, electronic device, and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108495309B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110334528A (en) * | 2019-06-04 | 2019-10-15 | 北京口袋时尚科技有限公司 | Digital ID obscures method, obscures digital ID method of calibration and device |
CN112564901A (en) * | 2020-12-08 | 2021-03-26 | 浙江三维万易联科技有限公司 | Key generation method and system, storage medium and electronic device |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1627682A (en) * | 2003-12-12 | 2005-06-15 | 华为技术有限公司 | Method for creating dynamic cipher at time of building connection in network transmission |
CN101631305A (en) * | 2009-07-28 | 2010-01-20 | 交通银行股份有限公司 | Encryption method and system |
CN101883108A (en) * | 2010-06-29 | 2010-11-10 | 中兴通讯股份有限公司 | Document transmission method and system of dynamic authentication |
CN102118392A (en) * | 2011-01-18 | 2011-07-06 | 南京朗睿软件科技有限公司 | Encryption/decryption method and system for data transmission |
US20130290733A1 (en) * | 2012-04-26 | 2013-10-31 | Appsense Limited | Systems and methods for caching security information |
CN104486307A (en) * | 2014-12-03 | 2015-04-01 | 中国电子科技集团公司第三十研究所 | Decentralized key management method based on homomorphic encryption |
CN104796399A (en) * | 2015-01-08 | 2015-07-22 | 北京思普崚技术有限公司 | Key negotiation method of data encryption transmission |
CN106850699A (en) * | 2017-04-10 | 2017-06-13 | 中国工商银行股份有限公司 | A kind of mobile terminal login authentication method and system |
US9806888B1 (en) * | 2016-07-06 | 2017-10-31 | Shimon Gersten | System and method for data protection using dynamic tokens |
CN107395581A (en) * | 2017-07-11 | 2017-11-24 | 上海众人网络安全技术有限公司 | Quick Response Code generates and read method, device, system, equipment and storage medium |
US20170366388A1 (en) * | 2014-12-19 | 2017-12-21 | Ivent Mobile B.V. | Voice and text data service for mobile subscribers |
-
2018
- 2018-02-06 CN CN201810117435.2A patent/CN108495309B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1627682A (en) * | 2003-12-12 | 2005-06-15 | 华为技术有限公司 | Method for creating dynamic cipher at time of building connection in network transmission |
CN101631305A (en) * | 2009-07-28 | 2010-01-20 | 交通银行股份有限公司 | Encryption method and system |
CN101883108A (en) * | 2010-06-29 | 2010-11-10 | 中兴通讯股份有限公司 | Document transmission method and system of dynamic authentication |
CN102118392A (en) * | 2011-01-18 | 2011-07-06 | 南京朗睿软件科技有限公司 | Encryption/decryption method and system for data transmission |
US20130290733A1 (en) * | 2012-04-26 | 2013-10-31 | Appsense Limited | Systems and methods for caching security information |
CN104486307A (en) * | 2014-12-03 | 2015-04-01 | 中国电子科技集团公司第三十研究所 | Decentralized key management method based on homomorphic encryption |
US20170366388A1 (en) * | 2014-12-19 | 2017-12-21 | Ivent Mobile B.V. | Voice and text data service for mobile subscribers |
CN104796399A (en) * | 2015-01-08 | 2015-07-22 | 北京思普崚技术有限公司 | Key negotiation method of data encryption transmission |
US9806888B1 (en) * | 2016-07-06 | 2017-10-31 | Shimon Gersten | System and method for data protection using dynamic tokens |
CN106850699A (en) * | 2017-04-10 | 2017-06-13 | 中国工商银行股份有限公司 | A kind of mobile terminal login authentication method and system |
CN107395581A (en) * | 2017-07-11 | 2017-11-24 | 上海众人网络安全技术有限公司 | Quick Response Code generates and read method, device, system, equipment and storage medium |
Non-Patent Citations (2)
Title |
---|
ZHIWEI ZHANG等: "SMART: Sponsored Mobile App RecommendaTion by Balancing App Downloads and Appstore Profit", 《2017 IEEE INTERNATIONAL CONFERENCE ON BIG DATA (BIGDATA)》 * |
李晖等: "公共云存储服务数据安全及隐私保护技术综述", 《计算机研究与发展》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110334528A (en) * | 2019-06-04 | 2019-10-15 | 北京口袋时尚科技有限公司 | Digital ID obscures method, obscures digital ID method of calibration and device |
CN112564901A (en) * | 2020-12-08 | 2021-03-26 | 浙江三维万易联科技有限公司 | Key generation method and system, storage medium and electronic device |
CN112564901B (en) * | 2020-12-08 | 2023-08-25 | 三维通信股份有限公司 | Method and system for generating secret key, storage medium and electronic device |
Also Published As
Publication number | Publication date |
---|---|
CN108495309B (en) | 2022-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109033855B (en) | Data transmission method and device based on block chain and storage medium | |
EP1942430B1 (en) | Token Passing Technique for Media Playback Devices | |
CN102792630B (en) | Systems and methods for authenticating an electronic transaction | |
US9852300B2 (en) | Secure audit logging | |
CN103138939B (en) | Based on the key access times management method of credible platform module under cloud memory module | |
US20210056541A1 (en) | Method and system for mobile cryptocurrency wallet connectivity | |
CN103067160B (en) | A kind of method and system for the dynamic key production for encrypting SD card | |
US7877604B2 (en) | Proof of execution using random function | |
CN102982257A (en) | Digital rights management using trusted processing techniques | |
CN107920052B (en) | Encryption method and intelligent device | |
CN112565265B (en) | Authentication method, authentication system and communication method between terminal devices of Internet of things | |
CA2714196A1 (en) | Information distribution system and program for the same | |
CN107918731A (en) | Method and apparatus for controlling the authority to access to open interface | |
CN110417547B (en) | Secret key updating method and system for secret communication based on certificateless cryptography | |
CN110380859B (en) | Quantum communication service station identity authentication method and system based on asymmetric key pool pair and DH protocol | |
CN110557248B (en) | Secret key updating method and system based on signcryption of certificateless cryptography | |
CN109033808B (en) | Game experience method and account server | |
US6633980B1 (en) | Computing device communication with replay protection | |
CN106127081B (en) | The open data fault-tolerant method for secure storing that can verify that | |
CN113111386A (en) | Privacy protection method for block chain transaction data | |
CN108495309A (en) | Method, electronic equipment and the storage medium of information processing | |
CN114500069A (en) | Method and system for storing and sharing electronic contract | |
JP2002529778A (en) | Incorporating shared randomness into distributed encryption | |
CN114154181A (en) | Privacy calculation method based on distributed storage | |
CN106603544A (en) | Data storage and cloud control method capable of lightweight auditing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |